Skip to main content

Obama’s Cybersecurity Executive Order Falls Short

Movies Preview

movies
Obama’s Cybersecurity Executive Order Falls Short


Published February 15, 2013


In his State
of the Union address, President Obama announced that he had signed an executive
order (EO) on cybersecurity. The order uses a standard-setting approach to
improve cybersecurity. However, such a model will only impose costs, encourage
compliance over security, keep the U.S. tied to past threats, and threaten
innovation.



While the EO
does take some positive steps in the area of information sharing, these steps
are hamstrung by the EO’s inability to provide critical incentives such as
liability protection. As a result, this order could result in few modest
changes, or it could result in substantial negative effects.



 



The Scope of the Order



The EO uses
a very broad definition of critical infrastructure, defining it as “systems and
assets, whether physical or virtual, so vital to the United States that the
incapacity or destruction of such systems and assets would have a debilitating
impact on security, national economic security, national public health or
safety, or any combination of those matters.”



Such a broad
definition could be understood to include systems normally considered outside
the cybersecurity conversation, such as agriculture. While there is no way of
knowing how far implementation will actually go, this broad definition is
certainly concerning.



Inhibited
Information Sharing



In Section
4, the EO attempts to expand information sharing in several noteworthy ways. It
calls for the federal government to quickly move unclassified information to
the private sector and increase the number of security clearances given to
appropriate owners of covered infrastructure. Additionally, the EO expands
already existing information-sharing systems such as the Defense Industrial
Base (DIB) Enhanced Cyber Services and Cyber Security/Information Assurance
Program. These objectives are worthwhile, and the President should be applauded
for including them.



However,
these worthwhile pursuits will not be very effective because the EO must rely
completely on existing authorities. Essentially, it directs government agencies
to do a better job of sharing information than they already are. And where it
does expand programs, such as with the DIB, these efforts will not be effective
without additional incentives and protections to get more businesses involved.
These include liability, Freedom of Information Act (FOIA), and regulatory-use
protections.



The problem
is that the EO cannot provide these important protections—they can be created
only by Congress. As a result, many businesses will be reluctant to share their
information for fear that their proprietary information could be endangered by
a FOIA request or that an honest mistake might lead to a lawsuit being filed
against them. Regarding other private-to-private or private-to-government
solutions, the EO is silent.



Although the
information-sharing provisions are limited, the privacy protections for this
limited sharing are actually where they should be. The EO calls for
consultation with privacy officers and oversight reports on the order’s
implementation. While some may find this provision weak, effective oversight is
the best way to respect privacy concerns while not limiting information sharing
that enhances the nation’s security.



 



Source: http://www.heritage.org/research/reports/2013/02/obama-s-cybersecurity-executive-order-falls-short



Producer franchesca blit
Language English

comment
Reviews

There are no reviews yet. Be the first one to write a review.
SIMILAR ITEMS (based on metadata)
eye
Title
Date Archived
Creator
Community Video
movies
eye 3,205
favorite 0
comment 0
Community Video
movies
eye 3
favorite 0
comment 0
Community Video
movies
eye 12
favorite 0
comment 0
Congressional Research Service
texts
eye 14
favorite 0
comment 0
Congressional Research Service
texts
eye 11
favorite 0
comment 0
Community Video
movies
eye 19
favorite 0
comment 0
Community Video
movies
eye 87
favorite 0
comment 0
Community Video
movies
eye 13
favorite 0
comment 0
Community Video
by Reh Dogg
movies
eye 129
favorite 0
comment 0